Personalized Medicine and Privacy

Protecting Genetic Information
A personalized medicine project leveraging genetic information holds great promise for improving patient treatment but requires multiple privacy protections, says Scott Megill, CIO at the Coriell Institute for Medical Research.

In one of Coriell's many research projects, the institute is working with physicians at Ohio State University Medical Center to enable them to access customized reports within electronic health records about how certain patients' genetic makeup could affect the efficacy of certain drugs used for their treatment, Megill explains. In addition, information on the patients is being added to a database that will support broader research on personalized medicine.

To help protect privacy, the EHRs do not include the patients' full genetic sequence or even a subset, he stresses. Instead, the records only include a summary of their genetic variations and how they might affect treatment.

The OSU project is a "first wave trial of how we can get this information in front of physicians at the time at which they are actually providing care," Megill says. "The way you do that is to push this information directly into the system they are using. ... If we can get that information at their fingertips, make it human-readable and readily accessible, we're really interested to find out just how much this information is used to change the course of healthcare that is provided to that patient."

In an interview with HealthcareInfoSecurity's Howard Anderson, Megill describes the many security steps project organizers are taking. Those include:

  • The information in the research database is de-identified so it cannot be tied back to individual patients. "We're spending an awful lot of time and attention in making sure the genetic information has been de-identified in such a way so that even if there were some sort of a breach of our technological security, that information would be virtually useless," he says.
  • The database is stored on Coriell's own servers, which are protected by security technologies. "These banks of information that have been de-identified are protected by industry-standard firewalls and industry-standard authentication mechanisms," he says.
  • Any information exchanged between OSU and Coriell is encrypted. "There is no information flowing back and forth that is open to any sort of Internet-access hacking or sniffing," he says.
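The de-identification and separation summarized in these steps (and described later in the interview as barcode matching that happens only when a participant logs in) can be made concrete in code. The following is an added example, not Coriell's or OSU's software: it models a research store keyed by a random barcode that holds only coarse demographics and the risk report, a separate identity record found by e-mail, and a join that occurs only for an authenticated participant. The field names, the age-band and ZIP3 coarsening, and all sample data are my assumptions, constructed for the demonstration.

```python
"""Split-store, late-binding pseudonymization (added example, not Coriell's code).

Assumed design: the research bank never receives direct identifiers; the
identity vault holds e-mail, name and the barcode link; the two are joined
only for an authenticated session. Sample data below are constructed."""
import secrets
from dataclasses import dataclass, field

# Direct identifiers that must never land in the research store (assumed list).
DIRECT_IDENTIFIERS = {"name", "email", "address", "dob", "phone", "mrn"}


def coarsen(age: int, zip5: str) -> dict:
    """Reduce detail to 'basic demographics' (assumed here to mean a
    10-year age band and a 3-digit ZIP prefix instead of exact values)."""
    low = (age // 10) * 10
    return {"age_band": f"{low}-{low + 9}", "zip3": zip5[:3]}


@dataclass
class ResearchStore:
    """De-identified bank: barcode -> demographics + report, nothing else."""
    records: dict = field(default_factory=dict)

    def add(self, barcode: str, demographics: dict, report: dict) -> None:
        leaked = set(demographics) & DIRECT_IDENTIFIERS
        if leaked:  # refuse rather than silently store an identifier
            raise ValueError(f"direct identifiers rejected: {sorted(leaked)}")
        self.records[barcode] = {"demographics": demographics, "report": report}

    def export(self) -> list:
        """What a researcher, or anyone who copied the store, can see."""
        return [{"barcode": b, **r["demographics"], **r["report"]}
                for b, r in self.records.items()]


@dataclass
class IdentityVault:
    """Separate store: e-mail -> identity details and the barcode link.
    (Encryption at rest is assumed to be provided by the storage layer.)"""
    identities: dict = field(default_factory=dict)

    def enrol(self, email: str, name: str) -> str:
        barcode = secrets.token_hex(16)  # random, carries no meaning on its own
        self.identities[email] = {"name": name, "barcode": barcode}
        return barcode


def enrol_participant(vault, store, email, name, age, zip5, report) -> str:
    """Enrolment: identity goes to the vault, coarse data + report to the bank."""
    barcode = vault.enrol(email, name)
    store.add(barcode, coarsen(age, zip5), report)
    return barcode


def report_for_login(vault, store, email, authenticated: bool) -> dict:
    """Late binding: the join happens only for an authenticated session."""
    if not authenticated:
        raise PermissionError("participant must authenticate first")
    barcode = vault.identities[email]["barcode"]
    return store.records[barcode]["report"]


def build_demo():
    """Constructed sample participants; returns (vault, store)."""
    vault, store = IdentityVault(), ResearchStore()
    enrol_participant(vault, store, "alice@example.org", "Alice Example",
                      51, "08102", {"plavix_response": "reduced"})
    enrol_participant(vault, store, "bob@example.org", "Bob Example",
                      36, "43210", {"plavix_response": "normal"})
    return vault, store


if __name__ == "__main__":
    v, s = build_demo()
    print(s.export())  # no names, e-mails or exact ages appear here
    print(report_for_login(v, s, "alice@example.org", authenticated=True))
```

The point of the split is visible in `export()`: a copy of the research bank yields barcodes, age bands, ZIP prefixes and reports, but nothing that resolves to a person without the separately held vault.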

As CIO at the Coriell Institute, Megill oversees the information technology and customer support departments responsible for all electronic data systems and order processing. He formerly was lead enterprise architect and program director for the digital rights and identity management initiative at Dow Chemical/Rohm & Haas Co.

HOWARD ANDERSON: Please tell us a bit about the institute and its ongoing research. And explain why it recently launched the personalized medicine project involving electronic health records of certain patients at Ohio State University Medical Center.

SCOTT MEGILL: The institute has had a primary focus in bio-banking for many decades. Three to four years ago, we introduced a new personalized medicine research study that has broadened the scope of what we do at the Coriell Institute to include genetic information as part of personalized healthcare. The intent of the study is to try and understand the usability of genetic information as it relates to healthcare, but also attitudes and perceptions on the use of this kind of information.

Recently we introduced about 6,000 people into a community arm of the study, which allowed them to come to one of our informed consent sessions and listen to information about what the uses of their information would be, and then understand a little about what would be returned to them by way of a web-based portal. Essentially it is information about their predilections for certain complex conditions, and ultimately the potential efficacy of drug interactions with their particular genetic makeup.

Now we've also included some cohorts that are specifically targeted toward conditions that have been pre-defined. So we've been creating collaborations with partners like Ohio State University to target some cohorts that have some known medical conditions. With Ohio State University we do two things. We are bringing members of the Ohio State patient community into the collaborative that we've created, called the Coriell Personalized Medicine Collaborative, or CPMC for short. Those patients from Ohio State come in with pre-existing conditions related to coronary artery disease and other heart conditions. The intent there is not only to start to study patients that we know have certain conditions, but also to begin to pilot the interaction of genetically informed information in electronic health records. The intent is to integrate the information that is returned by the CPMC initiative with the clinical care system that is being used by the physicians at Ohio State.

Genetic Information in EHRs

ANDERSON: Plans call for including genomic information in the electronic health records of about 1,800 patients treated by Ohio State physicians for congestive heart failure or hypertension. Tell us how that genetic information will be gathered, how it will be included in the EHR, and how the physicians then will use it.

MEGILL: There is a continuum of information that happens here when we do genetic testing. The way patients are enrolled in the process, they certainly go through informed consent sessions the same way that we do for our community arm. But then they are asked to give us a saliva sample. So they spit in a tube and we process it in our certified laboratory. The DNA that is provided as part of that saliva sample is used in a genetic chip-based technology from a company called Affymetrix. And that produces about 2 million points of data for each of the participants in the study. It's an overwhelming amount of information.

That information, in and of itself, is not what is used to report back to doctors ... That is simply overwhelming, and, quite frankly, not human-readable. What is abstracted from that is a variance file to tell us what is really of interest in the 2 million points of data. Then what we do at Coriell is marry that information with an awful lot of scientific journals and publications. And an evidence code that we've developed at Coriell gives us a confidence rating on returning information back to a doctor for clinical care. So if there has been a single paper published about a particular correlation between a genetic variation and a condition, it may not be good enough for us to tell doctors about it. We use this chain of evidence, and the bulk of knowledge that is being developed constantly in the scientific community, to try and understand when we've reached a threshold of something that we consider to be reportable and actionable. We generate reports based on that.

We are reporting today on complex conditions like type II diabetes and coronary artery disease, and we've just begun reporting on what's called pharmacogenomic results, which are the known scientific studies that have correlated genetic make-up with what efficacy certain drugs will have for that particular person. It's quite scientifically valid now to say that if you have a certain genetic make-up, Plavix, for example, will not metabolize for that particular person. That is something of particular interest to the doctors as they try to prescribe treatment.

What we are actually doing with the EMR system, which at Ohio State is from Epic Systems Corp., is to pass to them not the raw genetic files but the abstracted and analyzed version of the report itself, which is very human-readable. We've spent an awful lot of time and attention on making sure the report is something that a doctor can use right there in the clinic with the patient in front of them. ... The raw information itself is extremely valuable to researchers. Having the ability to correlate EMR records, information about clinical care, with genetic information is something that in a large database would be extremely helpful for us to try and create new discovery work. So what we're doing is passing that information to Ohio State, but not just for use in the direct EMR system, but also drawing information out of their EMR so that we can really create a de-identified research data playground.

Privacy Issues Raised

ANDERSON: Does adding the genetic information, as you described it, to the EHRs raise new privacy risks for the EHRs themselves?

MEGILL: The EHR certainly will contain new, valuable information to physicians. And for that we're very glad and hopeful of the promise of what this can bring. But putting genetic risk information in these EHR systems, just the analyzed reports, is not a whole lot different than virtually any other lab test that might be run for a given patient. My genetic information is really a physiological characteristic of me, just like my blood pressure and my cholesterol level. The report returned from a laboratory that tells me I have high cholesterol is essentially the same ... classification of information we're talking about when we say that I have a specific gene make-up that gives me some information about what care might be appropriate for me.

Because we're not talking about putting the full genetic sequence, or even the subset of sequence, that we do testing for into the EHR itself, we're not introducing any new privacy risks, other than there may be some information that is returned as part of a genetic report that is new and novel. That's something we just haven't been able to do before.

We know that genetic information is protected by a federal law called GINA (Genetic Information Nondiscrimination Act of 2008), which means you can't be discriminated against based on your genetic information. But like anything else, it's something we are paying very close attention to and making sure that everything that we do adheres to HIPAA standards and other federal regulations for protection of privacy.

EHRs and HIPAA

ANDERSON: So what steps does the medical center already take to protect the privacy and the security of EHRs? Does it take any additional steps to protect this new genetic information that is in it?

MEGILL: I can't speak for the information technology folks at Ohio State in too much detail, other than to say Ohio State certainly adheres to all of the regulations of HIPAA and the protection of personalized information for all of their patients. One thing I will say is that as we talk about the use of information for research purposes, we're spending an awful lot of time and attention in making sure that the genetic information has been de-identified in such a way that even if there were some sort of a breach of our technological security, the information would be virtually useless.

There are two uses of this information. There is the marrying of the specific genetic results to the patient information in the EHR, and then there is this creation of a research data bank which can be used and re-used. It is the second use that we are paying new and critical attention to - making sure that no one can abuse that information.

The De-identification Process

ANDERSON: Can you tell us a little bit more about how you restrict access to that database, and how that de-identification process works?

MEGILL: We host all of our systems here, so we're not using any external hosts for storage of information or for any direct external access. The information is within the confines of our firewall and our security systems at Coriell. There is a similar scenario at Ohio State. Where we have these banks of information that have been de-identified, they are protected by an industry-standard firewall and industry-standard authentication mechanisms. Anytime we push anything over the wire as we exchange information between New Jersey and Ohio State, we're using encrypted channels for all of it. There is no information flowing back and forth that is open to any sort of Internet-access hacking or sniffing.

We're quite confident in the data security that we have on site here, but at the same time, nothing is foolproof. The banks will certainly attest to that. What we've done is spend a lot of time making sure that even if the information was to somehow be taken from our organization, it can't in any way be tied back to a specific individual. We do that by essentially stripping away everything but basic demographic information about that patient when the information is collected and stored. At Coriell we do that by bar coding, so all personally identifying information about the sample itself is not stored electronically. It's bar coded and matched only at the time in which a patient or a participant in our study logs into our web-based portal. They authenticate to a web-based portal, which has information only identifiable by an e-mail address.

There are no names, addresses or anything else that we store. That information lives in an entirely separate, encrypted system from the actual genetic information and risk reports. The only time those two databases talk is at the user's browser over an encrypted channel. It is a late-binding authentication system. And there is something very similar going on when we push that information direct into the OSU EMR system.

Genomic Information within EHRs

ANDERSON: Finally, what do you hope to learn about having access to genomic information within EHRs and how it might affect the quality of care?

MEGILL: What we are seeing as the choke point for the adoption of genetic information and personalized medicine is the ongoing education of the clinicians themselves. This is a whole new field. We are on the cutting edge here. There weren't courses being offered at medical schools 10 to 15 years ago. What we are seeing is a widespread consensus that genetic information will be increasingly important in the care of patients in the future. But there is a healthy degree of skepticism, and an education gap, on how to actually use it.

We've been looking at this as a first-wave trial of how we can get this information in front of a physician at the time in which they are actually providing care. The way you do that is to push this information directly into the system they are using, which happens to be in OSU's case the Epic EMR system. If we can get that information at their fingertips, make it human-readable and readily accessible, we're really interested to find out just how much this information is used to change the course of healthcare that is provided to that patient.



